Experience
Audits
Cyberforks runs hands-on security and compliance audits for organizations that want a practitioner's read, not a templated report โ delivering prioritized findings an executive or remediation team can act on without extra interpretation.
NIST CSF Audits
Evaluate your security positioning against the NIST Cybersecurity Framework.
- Stakeholder interviews and controls inventory
- Framework function and category mapping
- Gap analysis with prioritized remediation roadmap
- Executive-ready findings memo
Typical use: leadership assessment, board-review preparation.
HIPAA Compliance Audits
Security and Privacy Rule readiness for healthcare organizations and their associates.
- Risk assessment under ยง164.308(a)(1)
- Business Associate Agreement inventory and review
- Technical safeguards evaluation (encryption, access control, audit logging)
- Policy and documentation review with remediation planning
Common triggers: OCR inquiry, incident response, vendor evaluation.
SOC 2 Type 2 Policy Audits
Pre-audit preparation against the Trust Services Criteria.
- Policy review and alignment
- Gap identification
- Policy drafts and revisions
- Handoff package for full readiness assessment
Preparatory work โ not the SOC 2 attestation itself.
Cyber / IT Audits
General security-posture assessment without a specific compliance framework.
- Asset and access inventory
- Patch management and configuration review
- Network architecture and segmentation analysis
- Documentation, monitoring, and incident-response readiness
Use cases: inter-audit assessments, baseline establishment.
Need a real read on where you stand?
Every engagement is scoped to your environment, not templated.
Get in touch